Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

[Résolu] Analyse PC infecté

michel0607

Par michel0607
dans Analyses et éradication malwares

 Partager

Messages recommandés

michel0607 Member

michel0607

Posté(e)
Posté(e)

Bonjour à tous et merci à toutes ces personnes qui donnetn de leur temps.

 

J'aimerai avoir l'avis d'un expert sur mon rapport Hijackthis. Je soupsonne des choses anormales, genre redirection vers un autre site internet, lorsque je suis sur un moteur de recherche (Google). je ne suis pas encore un pro pour analyser ce genre de rapports. merci de votre aide .

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 10:17:27, on 01/02/2009

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\WINDOWS\system32\spoolsv.exe

C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe

C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe

C:\WINDOWS\System32\FTRTSVC.exe

C:\Program Files\ICQ6Toolbar\ICQ Service.exe

C:\Program Files\Controle Parental\bin\optproxy.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\VTTimer.exe

C:\Program Files\USB Storage RW\DskWatch.exe

C:\WINDOWS\system32\carpserv.exe

C:\Program Files\CyberLink\PowerCinema\PCMService.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE

C:\PROGRA~1\Grisoft\AVG7\avgcc.exe

C:\Program Files\Fichiers communs\PCSuite\DataLayer\DataLayer.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\VTtrayp.exe

C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE

C:\PROGRA~1\Wanadoo\TaskBarIcon.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE

C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe

C:\Program Files\SAGEM WiFi manager\WLANUTL.exe

C:\PROGRA~1\FICHIE~1\PCSuite\Services\SERVIC~1.EXE

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\MSN Messenger\usnsvc.exe

C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe

C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

R3 - URLSearchHook: (no name) - - (no file)

R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll

O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [uSB Storage RW] C:\Program Files\USB Storage RW\DskWatch.exe

O4 - HKLM\..\Run: [CARPService] carpserv.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [EPSON Stylus DX4200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE /P26 "EPSON Stylus DX4200 Series" /O6 "USB001" /M "Stylus DX4200"

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Fichiers communs\PCSuite\DataLayer\DataLayer.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe

O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe

O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"

O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [EPSON Stylus SX200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE /FU "C:\WINDOWS\TEMP\E_SE0.tmp" /EF "HKCU"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: Ulead Photo Express 3.0 SE Calendar Checker.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe

O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?

O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm

O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: ImTranslator - C:\PROGRA~1\SMARTL~1\IMTRAN~1\startup.html

O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?b2e1b30796a045b4a9f386834f117e94

O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?b2e1b30796a045b4a9f386834f117e94

O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll

O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll

O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe

O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe

O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)

O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (HKCU)

O9 - Extra button: ImTranslator - {AE436396-55E7-4ec4-AD6D-45E88A530A4C} - C:\PROGRA~1\SMARTL~1\IMTRAN~1\startup.html (HKCU)

O9 - Extra 'Tools' menuitem: ImTranslator - {AE436396-55E7-4ec4-AD6D-45E88A530A4C} - C:\PROGRA~1\SMARTL~1\IMTRAN~1\startup.html (HKCU)

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1108507380937

O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.1.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe

O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe

O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe

O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe

O23 - Service: Control Parental (OPTENET_FILTER) - Contrôle Parental - C:\Program Files\Controle Parental\bin\optproxy.exe

 

--

End of file - 11900 bytes

 

Merci encore

pear Devil Member !

pear

Posté(e)
Posté(e)

Bonjour,

 

Rien dévident.

Sur quoi fondez vous vos soupçons?

 

Téléchargezrandom's system information tool (RSIT) par random/random et sauvegardez-le sur le Bureau.

 

Double-cliquez sur RSIT.exe afin de lancer RSIT.

* Cliquez Continue à l'écran Disclaimer.

* Si l'outil HIjackThis (version à jour) n'est pas présent ou détecté sur l'ordinateur, RSIT le télécharge et vous acceptez la licence.

* L'analyse terminée, deux fichiers texte s'ouvriront.:

Poster le contenu de log.txt (qui sera affiché)

ainsi que de info.txt (qui sera réduit dans la Barre des Tâches).

* Si ces deux rapports n'apparaissent pas, vous les trouverez dans le dossier C:\rsit

michel0607 Member

michel0607

Posté(e)
  • Auteur
Posté(e)

Merci Pear de votre réponse

 

J'ai éxécuté ce que vous m'avez dit, ci joint les 2 rapprots

Logfile of random's system information tool 1.05 (written by random/random)

Run by MICHEL at 2009-02-01 20:00:37

Microsoft Windows XP Édition familiale Service Pack 2

System drive C: has 102 GB (69%) free of 148 GB

Total RAM: 447 MB (34% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 20:01:11, on 01/02/2009

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\WINDOWS\system32\spoolsv.exe

C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe

C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe

C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe

C:\WINDOWS\System32\FTRTSVC.exe

C:\Program Files\ICQ6Toolbar\ICQ Service.exe

C:\Program Files\Controle Parental\bin\optproxy.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\VTTimer.exe

C:\Program Files\USB Storage RW\DskWatch.exe

C:\WINDOWS\system32\carpserv.exe

C:\Program Files\CyberLink\PowerCinema\PCMService.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE

C:\PROGRA~1\Grisoft\AVG7\avgcc.exe

C:\Program Files\Fichiers communs\PCSuite\DataLayer\DataLayer.exe

C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\VTtrayp.exe

C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE

C:\PROGRA~1\Wanadoo\TaskBarIcon.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE

C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe

C:\Program Files\SAGEM WiFi manager\WLANUTL.exe

C:\PROGRA~1\FICHIE~1\PCSuite\Services\SERVIC~1.EXE

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\MSN Messenger\usnsvc.exe

C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe

C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\PROGRA~1\FICHIE~1\MICROS~1\Msinfo\OFFPRV10.EXE

C:\WINDOWS\system32\notepad.exe

C:\Documents and Settings\MICHEL\Local Settings\Temporary Internet Files\Content.IE5\81U3C1IN\RSIT[1].exe

C:\Program Files\Trend Micro\HijackThis\MICHEL.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

R3 - URLSearchHook: (no name) - - (no file)

R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll

O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [uSB Storage RW] C:\Program Files\USB Storage RW\DskWatch.exe

O4 - HKLM\..\Run: [CARPService] carpserv.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [EPSON Stylus DX4200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE /P26 "EPSON Stylus DX4200 Series" /O6 "USB001" /M "Stylus DX4200"

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Fichiers communs\PCSuite\DataLayer\DataLayer.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe

O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe

O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"

O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [EPSON Stylus SX200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE /FU "C:\WINDOWS\TEMP\E_SE0.tmp" /EF "HKCU"

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: Ulead Photo Express 3.0 SE Calendar Checker.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe

O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?

O8 - Extra context menu item: &NeoTrace It! - C:\PROGRA~1\NEOTRA~1\NTXcontext.htm

O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: ImTranslator - C:\PROGRA~1\SMARTL~1\IMTRAN~1\startup.html

O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?b2e1b30796a045b4a9f386834f117e94

O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?b2e1b30796a045b4a9f386834f117e94

O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll

O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll

O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe

O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe

O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)

O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - C:\PROGRA~1\NEOTRA~1\NTXtoolbar.htm (HKCU)

O9 - Extra button: ImTranslator - {AE436396-55E7-4ec4-AD6D-45E88A530A4C} - C:\PROGRA~1\SMARTL~1\IMTRAN~1\startup.html (HKCU)

O9 - Extra 'Tools' menuitem: ImTranslator - {AE436396-55E7-4ec4-AD6D-45E88A530A4C} - C:\PROGRA~1\SMARTL~1\IMTRAN~1\startup.html (HKCU)

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1108507380937

O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/a...gnerADP-1.1.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe

O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe

O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe

O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe

O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe

O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe

O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe

O23 - Service: Control Parental (OPTENET_FILTER) - Contrôle Parental - C:\Program Files\Controle Parental\bin\optproxy.exe

 

--

End of file - 12218 bytes

 

======Scheduled tasks folder======

 

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

C:\WINDOWS\tasks\Vérifier les mises à jour de Windows Live Toolbar.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]

Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [2003-11-03 54248]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Sign-in Helper - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 322368]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]

Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2006-09-27 544032]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]

EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2006-09-27 544032]

{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]

{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-06-12 958712]

{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21 368640]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2004-10-01 53248]

"USB Storage RW"=C:\Program Files\USB Storage RW\DskWatch.exe [2004-12-23 208896]

"CARPService"=C:\WINDOWS\system32\carpserv.exe [2003-03-19 4608]

"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

"PCMService"=C:\Program Files\CyberLink\PowerCinema\PCMService.exe [2005-02-18 110744]

"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]

"OEM-Reset"= []

"EPSON Stylus DX4200 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAEE.EXE [2005-03-07 98304]

"AVG7_CC"=C:\PROGRA~1\Grisoft\AVG7\avgcc.exe [2008-11-18 590848]

"DataLayer"=C:\Program Files\Fichiers communs\PCSuite\DataLayer\DataLayer.exe [2005-09-06 820736]

"NWEReboot"= []

"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]

"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-02-09 65024]

"VTTrayp"=C:\WINDOWS\system32\VTtrayp.exe [2004-06-22 143360]

"AOLDialer"=C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe [2004-04-08 496752]

"WOOWATCH"=C:\PROGRA~1\Wanadoo\Watch.exe [2004-08-23 20480]

"WOOTASKBARICON"=C:\PROGRA~1\Wanadoo\GestMaj.exe [2004-10-14 32768]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-05 15360]

"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE [2004-02-25 401491]

"NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2004-12-09 1937408]

"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-02-06 21898024]

"Gadwin PrintScreen"=C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe [2007-08-20 495616]

"msnmsgr"=C:\Program Files\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]

"EPSON Stylus SX200 Series"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEFE.EXE [2007-12-13 188928]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AntivirusRegistration]

C:\Program Files\CA\Etrust Antivirus\Register.exe [2005-01-31 458752]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]

C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe [2005-06-29 176128]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync]

C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe [2005-08-26 860160]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]

C:\PROGRA~1\Wanadoo\Shell.exe [2004-08-23 122880]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]

C:\PROGRA~1\Wanadoo\GestMaj.exe [2004-10-14 32768]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]

C:\PROGRA~1\Wanadoo\Watch.exe [2004-08-23 20480]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^AOL 9.0 Icône AOL.lnk]

C:\PROGRA~1\AOL9~1.0\aoltray.exe [2004-04-14 156784]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]

C:\PROGRA~1\MICROS~4\Office\OSA9.EXE [1999-02-17 65588]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^WinZip Quick Pick.lnk]

C:\PROGRA~1\WinZip\WZQKPICK.EXE [2007-04-30 394856]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^MICHEL^Menu Démarrer^Programmes^Démarrage^IMTranslator.lnk]

C:\PROGRA~1\SMARTL~1\IMTrans\IMTrans.exe [2004-05-17 1065984]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^MICHEL^Menu Démarrer^Programmes^Démarrage^LedWallpaper.lnk]

C:\PROGRA~1\LED\LEDWAL~1\LEDWAL~1.EXE [2008-02-11 471040]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^MICHEL^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 3.0.lnk]

C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2008-09-12 384000]

 

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage

Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

Ulead Photo Express 3.0 SE Calendar Checker.lnk - C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe

Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk - C:\Program Files\SAGEM WiFi manager\WLANUTL.exe

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=95000000

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\CA\Etrust Antivirus\Realmon.exe"="C:\Program Files\CA\Etrust Antivirus\Realmon.exe:*:Enabled:Realmon"

"C:\Program Files\CyberLink\PowerCinema\PowerCinema.exe"="C:\Program Files\CyberLink\PowerCinema\PowerCinema.exe:*:Enabled:PowerCinema"

"C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"

"C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL"

"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0"

"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:*:Enabled:ActiveSync Connection Manager"

"C:\Program Files\Microsoft ActiveSync\WcesMgr.exe"="C:\Program Files\Microsoft ActiveSync\WcesMgr.exe:*:Enabled:ActiveSync Application"

"C:\Program Files\Grisoft\AVG7\avginet.exe"="C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe"

"C:\Program Files\Grisoft\AVG7\avgamsvr.exe"="C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe"

"C:\Program Files\Grisoft\AVG7\avgcc.exe"="C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe"

"C:\Program Files\Grisoft\AVG7\avgemc.exe"="C:\Program Files\Grisoft\AVG7\avgemc.exe:*:Enabled:avgemc.exe"

"C:\Program Files\Webcamfirst\WF_FTP.exe"="C:\Program Files\Webcamfirst\WF_FTP.exe:*:Enabled:WF FTP"

"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"

"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe:*:Enabled:AOL"

"C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe"="C:\Program Files\Fichiers communs\AOL\ACS\AOLacsd.exe:*:Enabled:AOL"

"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0"

"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"

"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3d4b01d6-6899-11dd-baae-9a8474fe02b0}]

shell\AutoRun\command - J:\setupSNK.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cfe732e0-fcb1-11dc-b9d8-001556836d47}]

shell\AutoRun\command - J:\setupSNK.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f9958706-7f1a-11d9-acd4-806d6172696f}]

shell\AutoRun\command - I:\Autorun.exe

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f995870c-7f1a-11d9-acd4-806d6172696f}]

shell\AutoRun\command - D:\Autorun.exe

 

 

======List of files/folders created in the last 3 months======

 

2009-02-01 20:00:36 ----D---- C:\rsit

2009-01-24 14:40:10 ----D---- C:\Program Files\ABBYY FineReader 6.0 Sprint

2009-01-24 14:36:40 ----A---- C:\WINDOWS\system32\PICSDK2.dll

2009-01-24 14:36:40 ----A---- C:\WINDOWS\system32\PICEntry.dll

2009-01-24 14:36:36 ----D---- C:\Documents and Settings\MICHEL\Application Data\InstallShield

2009-01-24 14:35:13 ----A---- C:\WINDOWS\system32\E_FLBEFE.DLL

2009-01-24 14:35:13 ----A---- C:\WINDOWS\system32\E_FD4BEFE.DLL

2009-01-24 14:31:33 ----D---- C:\Documents and Settings\All Users\Application Data\EPSON

2009-01-24 14:30:08 ----A---- C:\WINDOWS\CDE SX200DEFGIPS.ini

2009-01-24 12:12:17 ----D---- C:\Documents and Settings\MICHEL\Application Data\Printparade

2009-01-24 12:11:11 ----A---- C:\WINDOWS\system32\leon3_32.dll

2009-01-24 12:11:10 ----A---- C:\WINDOWS\system32\Dav3_32.dll

2009-01-24 12:11:07 ----D---- C:\Program Files\PrintParade Studio

2009-01-18 17:54:26 ----A---- C:\WINDOWS\EPSTPLOG.TXT

2009-01-18 17:54:25 ----A---- C:\WINDOWS\EPSMTL32.TXT

2009-01-18 17:53:56 ----A---- C:\WINDOWS\system32\escwiad.dll

2009-01-18 17:53:56 ----A---- C:\WINDOWS\system32\escimgd.dll

2009-01-18 17:53:56 ----A---- C:\WINDOWS\system32\esccmd.dll

2009-01-18 12:00:55 ----A---- C:\WINDOWS\epsswt_log.txt

2009-01-18 11:53:48 ----A---- C:\WINDOWS\DEBUGSM.INI

2009-01-18 11:52:04 ----D---- C:\Documents and Settings\MICHEL\Application Data\EPSON

2009-01-18 10:07:52 ----A---- C:\WINDOWS\setup.ini

2009-01-18 10:00:07 ----A---- C:\WINDOWS\ULEAD32.INI

2009-01-18 09:59:55 ----A---- C:\WINDOWS\system32\MFCO40.DLL

2009-01-18 09:59:55 ----A---- C:\WINDOWS\system32\MFCO30.DLL

2009-01-18 09:59:54 ----A---- C:\WINDOWS\system32\MFC30.DLL

2009-01-18 09:59:17 ----D---- C:\Program Files\Ulead Systems

2009-01-18 09:56:00 ----D---- C:\Program Files\Trust

2009-01-18 09:56:00 ----A---- C:\WINDOWS\restart.EXE

2009-01-18 09:56:00 ----A---- C:\WINDOWS\~GLH0038.TMP

2009-01-18 09:55:59 ----D---- C:\WINDOWS\OvtCam

2009-01-18 09:55:59 ----A---- C:\WINDOWS\system32\vfwupd.exe

2009-01-18 09:55:59 ----A---- C:\WINDOWS\system32\OMCAMDIB.DLL

2009-01-08 19:20:56 ----A---- C:\WINDOWS\system32\CmutEuro32.dll

2009-01-08 19:20:56 ----A---- C:\WINDOWS\Calceuro.exe

2009-01-08 19:20:55 ----D---- C:\Program Files\FILBANQUE

2008-12-01 07:27:45 ----D---- C:\Program Files\SAGEM WiFi manager

2008-12-01 07:27:33 ----D---- C:\Program Files\SAGEM

2008-12-01 07:25:45 ----A---- C:\WINDOWS\system32\WLANUTL.dll

2008-11-25 19:58:10 ----D---- C:\Documents and Settings\MICHEL\Application Data\Nokia

2008-11-25 19:56:56 ----A---- C:\WINDOWS\system32\irmon.dll

2008-11-25 19:56:55 ----A---- C:\WINDOWS\system32\wshirda.dll

2008-11-25 19:56:55 ----A---- C:\WINDOWS\system32\irftp.exe

2008-11-20 21:29:35 ----D---- C:\Program Files\ICQ6Toolbar

2008-11-20 21:29:35 ----D---- C:\Documents and Settings\All Users\Application Data\ICQ

2008-11-20 21:29:32 ----D---- C:\Documents and Settings\MICHEL\Application Data\Mozilla

2008-11-20 21:28:10 ----D---- C:\Documents and Settings\MICHEL\Application Data\ICQ

2008-11-20 21:27:15 ----D---- C:\Program Files\ICQ6

2008-11-10 20:51:13 ----A---- C:\WINDOWS\system32\wpa.bak

2008-11-10 20:05:44 ----D---- C:\WINDOWS\Prefetch

2008-11-10 20:05:43 ----A---- C:\WINDOWS\SchedLgU.Txt

2008-11-10 19:58:25 ----A---- C:\WINDOWS\system32\wmpns.dll

2008-11-10 19:58:12 ----A---- C:\WINDOWS\OEWABLog.txt

2008-11-10 19:56:56 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest

2008-11-10 19:35:17 ----A---- C:\WINDOWS\system32\spxcoins.dll

2008-11-10 19:35:17 ----A---- C:\WINDOWS\system32\irclass.dll

2008-11-10 19:35:00 ----RA---- C:\WINDOWS\SETBD.tmp

2008-11-10 19:34:58 ----RA---- C:\WINDOWS\SETB1.tmp

2008-11-10 19:34:57 ----RA---- C:\WINDOWS\SETAE.tmp

2008-11-10 19:33:59 ----A---- C:\WINDOWS\setuplog.txt

2008-11-09 18:31:37 ----A---- C:\WINDOWS\ntbtlog.txt

2008-11-07 19:24:09 ----A---- C:\WINDOWS\system32\LedCommon.dll

2008-11-07 19:24:07 ----D---- C:\Program Files\LED

2008-11-05 19:16:58 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion

2008-11-04 22:24:49 ----D---- C:\Program Files\Yahoo!

2008-11-04 22:24:43 ----D---- C:\Program Files\CCleaner

2008-11-02 10:40:33 ----D---- C:\Program Files\JPEGCrops

 

======List of files/folders modified in the last 3 months======

 

2009-02-01 19:32:27 ----D---- C:\Documents and Settings\MICHEL\Application Data\Skype

2009-02-01 19:19:37 ----A---- C:\WINDOWS\NeroDigital.ini

2009-02-01 15:35:09 ----D---- C:\WINDOWS\Temp

2009-02-01 09:07:55 ----D---- C:\Documents and Settings\MICHEL\Application Data\AVG7

2009-02-01 09:07:30 ----D---- C:\Documents and Settings\MICHEL\Application Data\skypePM

2009-02-01 09:06:34 ----D---- C:\Program Files\Wanadoo

2009-01-30 08:34:42 ----D---- C:\WINDOWS\system32

2009-01-25 20:41:58 ----D---- C:\Documents and Settings\MICHEL\Application Data\FileZilla

2009-01-25 17:16:42 ----A---- C:\WINDOWS\PhotoSnapViewer.INI

2009-01-24 14:45:51 ----D---- C:\WINDOWS

2009-01-24 14:42:17 ----HD---- C:\Program Files\InstallShield Installation Information

2009-01-24 14:41:14 ----D---- C:\Program Files\epson

2009-01-24 14:40:58 ----SHD---- C:\WINDOWS\Installer

2009-01-24 14:40:10 ----RD---- C:\Program Files

2009-01-24 14:34:42 ----HD---- C:\WINDOWS\inf

2009-01-24 14:31:37 ----DC---- C:\WINDOWS\system32\DRVSTORE

2009-01-24 14:30:55 ----D---- C:\WINDOWS\system32\CatRoot2

2009-01-24 12:11:14 ----RSD---- C:\WINDOWS\Fonts

2009-01-22 20:14:53 ----A---- C:\WINDOWS\win.ini

2009-01-22 07:05:56 ----D---- C:\Documents and Settings\MICHEL\Application Data\AdobeUM

2009-01-18 17:59:29 ----D---- C:\Documents and Settings\All Users\Application Data\UDL

2009-01-18 17:56:06 ----D---- C:\WINDOWS\system32\CatRoot

2009-01-18 17:53:56 ----D---- C:\WINDOWS\twain_32

2009-01-18 10:07:55 ----RSHDC---- C:\WINDOWS\system32\dllcache

2009-01-18 10:07:51 ----D---- C:\WINDOWS\system32\drivers

2009-01-18 09:55:59 ----D---- C:\WINDOWS\system

2009-01-15 19:06:59 ----A---- C:\WINDOWS\ModemLog_FM-56PCI-HSFi-AB.txt

2009-01-13 07:35:25 ----D---- C:\Program Files\NCH Software

2009-01-07 21:50:36 ----SD---- C:\Documents and Settings\MICHEL\Application Data\Microsoft

2009-01-04 19:31:19 ----A---- C:\WINDOWS\ODBC.INI

2009-01-04 19:29:21 ----D---- C:\Program Files\Fichiers communs\System

2009-01-04 19:27:07 ----D---- C:\Program Files\Microsoft Office

2009-01-04 19:27:06 ----D---- C:\Program Files\Fichiers communs\Microsoft Shared

2009-01-04 08:32:02 ----D---- C:\WINDOWS\Help

2009-01-02 09:09:56 ----RHD---- C:\$VAULT$.AVG

2008-12-29 15:21:46 ----A---- C:\debug.txt

2008-12-02 07:22:39 ----D---- C:\WINDOWS\SoftwareDistribution

2008-12-01 07:26:53 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft

2008-11-25 19:57:00 ----D---- C:\WINDOWS\Media

2008-11-19 19:43:05 ----D---- C:\Program Files\iWizz

2008-11-12 20:09:55 ----SH---- C:\boot.ini

2008-11-12 20:09:55 ----A---- C:\WINDOWS\system.ini

2008-11-12 18:26:54 ----D---- C:\Documents and Settings\All Users\Application Data\avg7

2008-11-11 21:41:54 ----D---- C:\WINDOWS\pss

2008-11-10 20:41:34 ----D---- C:\WINDOWS\security

2008-11-10 20:34:51 ----D---- C:\WINDOWS\Registration

2008-11-10 20:34:27 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2008-11-10 20:31:39 ----D---- C:\WINDOWS\system32\Setup

2008-11-10 20:31:30 ----D---- C:\WINDOWS\system32\usmt

2008-11-10 20:31:18 ----D---- C:\WINDOWS\AppPatch

2008-11-10 20:31:16 ----D---- C:\WINDOWS\ime

2008-11-10 20:31:11 ----D---- C:\WINDOWS\system32\wbem

2008-11-10 20:31:01 ----D---- C:\WINDOWS\PeerNet

2008-11-10 20:30:45 ----D---- C:\WINDOWS\system32\npp

2008-11-10 20:30:37 ----D---- C:\WINDOWS\msagent

2008-11-10 20:27:20 ----D---- C:\WINDOWS\system32\1036

2008-11-10 20:25:57 ----D---- C:\WINDOWS\system32\icsxml

2008-11-10 20:25:11 ----D---- C:\WINDOWS\system32\1033

2008-11-10 20:24:03 ----D---- C:\WINDOWS\WinSxS

2008-11-10 20:24:03 ----D---- C:\WINDOWS\Driver Cache

2008-11-10 20:06:41 ----SHD---- C:\System Volume Information

2008-11-10 20:06:41 ----D---- C:\WINDOWS\system32\Restore

2008-11-10 20:04:59 ----D---- C:\WINDOWS\system32\config

2008-11-10 19:58:39 ----D---- C:\Program Files\Windows Media Player

2008-11-10 19:58:05 ----A---- C:\WINDOWS\ODBCINST.INI

2008-11-10 19:57:36 ----D---- C:\WINDOWS\system32\ias

2008-11-10 19:57:00 ----RD---- C:\WINDOWS\Web

2008-11-10 19:56:56 ----SD---- C:\WINDOWS\occache

2008-11-10 19:56:47 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest

2008-11-10 19:56:18 ----D---- C:\WINDOWS\system32\oobe

2008-11-10 19:55:53 ----D---- C:\Program Files\Outlook Express

2008-11-10 19:53:46 ----D---- C:\Program Files\Internet Explorer

2008-11-10 19:53:27 ----D---- C:\WINDOWS\system32\Com

2008-11-10 19:35:06 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini

2008-11-09 18:28:19 ----D---- C:\Program Files\ELECTRA

2008-11-09 18:27:18 ----D---- C:\WINDOWS\Minidump

2008-11-09 18:27:18 ----D---- C:\WINDOWS\Debug

2008-11-09 09:56:57 ----A---- C:\WINDOWS\DUMP3855.tmp

2008-11-04 22:25:39 ----D---- C:\Program Files\CleanUp!

2008-11-04 20:29:06 ----D---- C:\Program Files\WinPhone

2008-11-04 18:36:34 ----A---- C:\WINDOWS\InfModM.ini

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 AmdK8;Pilote de processeur AMD Athlon64; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2003-11-07 38400]

R1 Avg7Core;AVG7 Kernel; C:\WINDOWS\System32\Drivers\avg7core.sys [2008-03-28 821856]

R1 Avg7RsW;AVG7 Wrap Driver; C:\WINDOWS\System32\Drivers\avg7rsw.sys [2008-03-28 4224]

R1 Avg7RsXP;AVG7 Resident Driver XP; C:\WINDOWS\System32\Drivers\avg7rsxp.sys [2008-03-28 27776]

R1 AvgClean;AVG7 Clean Driver; C:\WINDOWS\System32\Drivers\avgclean.sys [2008-03-28 10760]

R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2008-03-28 61424]

R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2008-03-28 23436]

R1 oreans32;oreans32; \??\C:\WINDOWS\system32\drivers\oreans32.sys []

R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-04-28 5632]

R2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\ASCTRM.sys [2005-02-20 8552]

R2 AvgTdi;AVG Network Redirector; C:\WINDOWS\System32\Drivers\avgtdi.sys [2008-03-28 4960]

R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-03 87424]

R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2003-03-19 11044]

R2 StreamDispatcher;StreamDispatcher; C:\WINDOWS\system32\DRIVERS\strmdisp.sys [2003-03-19 22400]

R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-12-11 391424]

R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-02-18 610988]

R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-05 60800]

R3 dskwatch;Disk Watch Filter; C:\WINDOWS\system32\drivers\dskwatch.sys [2004-11-30 15232]

R3 FETND5BV;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2004-12-16 42496]

R3 HCWBT8xx;Hauppauge WinTV 848/9 WDM Video Driver; C:\WINDOWS\system32\drivers\HCWBT8XX.sys [2006-01-25 472644]

R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2003-03-19 1107072]

R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys [2003-03-19 177024]

R3 MODEMCSA;Périphérique de filtrage de flux Unimodem; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]

R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-05 61824]

R3 OVT511Plus;Dual Mode USB Camera Plus; C:\WINDOWS\System32\Drivers\omcamvid.sys [2001-09-18 167816]

R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]

R3 SG760_XP;SAGEM 802.11g XG760 1211 Driver; C:\WINDOWS\system32\DRIVERS\WlanUZXP.sys [2006-01-09 261632]

R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-05 26624]

R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-05 57600]

R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-05 26496]

R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-05 20480]

R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2004-10-07 174592]

R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]

R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2003-03-19 622592]

R3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys [2006-01-19 17664]

S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]

S3 FETNDIS;Pilote NT de carte VIA PCI 10/100Mo Fast Ethernet; C:\WINDOWS\system32\DRIVERS\fetnd5.sys []

S3 MSIRCOMM;Microsoft IR Communications Driver; C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys [2004-08-03 22016]

S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]

S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]

S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]

S3 NTSIM;NTSIM; \??\C:\WINDOWS\system32\ntsim.sys []

S3 PCAMPR5;PCAMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCAMPR5.SYS []

S3 PCANDIS5;PCANDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCANDIS5.SYS []

S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-05 11136]

S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]

S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]

S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]

S3 STIrUsb;Dongle SigmaTel USB-IrDA; C:\WINDOWS\system32\DRIVERS\irstusb.sys [2001-08-17 26624]

S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-05 15360]

S3 USB_RNDIS;ADI Remote NDIS Network Device Driver; C:\WINDOWS\system32\DRIVERS\usb8023.sys [2004-08-05 12672]

S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-05 31616]

S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]

S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]

S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2003-12-22 104064]

S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2004-08-11 18944]

S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]

S3 ZDCndis5;ZDCndis5 Protocol Driver; \??\C:\WINDOWS\system32\ZDCndis5.SYS []

S3 ZDPNDIS5;ZDPNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\ZDPNDIS5.SYS []

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [2008-01-04 587096]

R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe [2004-04-08 1135728]

R2 Avg7Alrt;AVG7 Alert Manager Server; C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe [2008-03-28 418816]

R2 Avg7UpdSvc;AVG7 Update Service; C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe [2008-03-28 49664]

R2 AVGEMS;AVG E-mail Scanner; C:\PROGRA~1\Grisoft\AVG7\avgemc.exe [2008-03-28 406528]

R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe [2005-02-18 172153]

R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe [2005-02-18 110711]

R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe [2005-02-18 24576]

R2 FTRTSVC;France Telecom Routing Table Service; C:\WINDOWS\System32\FTRTSVC.exe [2004-08-23 40960]

R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-06-10 222456]

R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2004-08-05 14336]

R2 OPTENET_FILTER;Control Parental; C:\Program Files\Controle Parental\bin\optproxy.exe [2006-03-02 564400]

R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]

S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]

S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]

S3 WmcCds;Windows Media Connect (WMC); c:\program files\windows media connect\mswmccds.exe [2004-08-11 483328]

S3 WmcCdsLs;Aide de Windows Media Connect (WMC); C:\Program Files\Windows Media Connect\mswmcls.exe [2004-08-10 28160]

 

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.05 2009-02-01 20:01:17

 

======Uninstall list======

 

-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL

-->C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu

-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL

-->C:\WINDOWS\UNNVEContent.exe /UNINSTALL

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

-->VTUninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Timer'

ABBYY FineReader 6.0 Sprint-->MsiExec.exe /I{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}

Ad-Aware 2007-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}

Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Reader 6.0.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A00000000001}

AOL (France)-->C:\Program Files\Fichiers communs\aolshare\Aolunins_fr.exe

Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}

AVG 7.5-->C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL

Barre d'outils Outlook de Windows Live (Windows Live Toolbar)-->MsiExec.exe /X{4002F73D-EBB3-4EA1-A2FF-DBCB4529759E}

Bink and Smacker-->C:\PROGRA~1\RADVideo\UNWISE.EXE C:\PROGRA~1\RADVideo\INSTALL.LOG

Bloqueur de fenêtres pop-up (Windows Live Toolbar)-->MsiExec.exe /X{51F366F4-C2E4-429A-866A-59C885ED42FD}

Budget Plus-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C964A549-C74A-11D3-B88A-00A0C9379093}\setup.exe"

Camera RAW Plug-In for EPSON Creativity Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{42EDF895-158C-484E-A7F2-42B90759F281}\SETUP.EXE" -l0x40c UNINST

Carte France -->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0703264C-17C4-416C-886A-3DE1BB7AF112}\SETUP.EXE" -uninst

CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"

CleanUp!-->C:\Program Files\CleanUp!\uninstall.exe

Complément Microsoft Word pour Microsoft Works Suite-->MsiExec.exe /I{17E57E89-DDB3-4f76-9AF1-A8E01CC633E4}

Contrôle Parental-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{93094D10-9388-11D4-9886-0000B43F396D}\Setup.exe" -l0x40c

Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{175B7C4A-CAF8-437A-B597-73E0D2D970FE}

Digital Camera Driver-->C:\PROGRA~1\Actebis\UNWISE.EXE C:\PROGRA~1\Actebis\INSTALL.LOG

DIKO 2.26-->"C:\Program Files\DIKO\unins000.exe"

DivX Codec-->C:\WINDOWS\unvise32.exe C:\Program Files\DivX\DivX Bundle.log

Ecran de veille AOL Photos-->C:\Program Files\Fichiers communs\AOL\Screensaver\uninst_ygpss.exe

ELECTRA 2.0.3-->"C:\Program Files\ELECTRA\unins000.exe"

Encyclopédie Microsoft Encarta 2005-->MsiExec.exe /I{05460044-64A6-4248-A026-9745C1E9E159}

EPSON Attach To Email-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG

EPSON Copy Utility 3-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x40c -UnInstall

EPSON Easy Photo Print-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5DA7BC15-18D3-41A0-9F59-838DA3EAEF17}\SETUP.EXE" -l0x40c UNINST

EPSON File Manager-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E86BC406-944E-41F6-ADE6-2C136734C96B}\Setup.exe" -l0x40c UNINST

EPSON Image Clip Palette-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{314F6D08-A8B7-11D8-8446-0050BA1D384D}\Setup.exe" -l0x40c -u

EPSON Logiciel imprimante-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R

EPSON Scan Assistant-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x40c -u

EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r

EPSON Stylus SX200 Series Printer Uninstall-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FINSEFE.EXE /R /APD /P:"EPSON Stylus SX200 Series"

EPSON Stylus SX200_SX400_TX200_TX400 Manuel-->C:\Program Files\EPSON\TPMANUAL\ES_SX_TX\FRA\USE_G\DOCUNINS.EXE

EPSON Web-To-Page-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}\SETUP.EXE" -l0x40c -anything

ESDX4800_4200 Guide util.-->C:\Program Files\EPSON\TPMANUAL\ESDX4800_4200\USE_G\DOCUNINS.EXE

eTrust Registration-->MsiExec.exe /X{6BFF4534-7608-41F0-85F7-31A0569D8960}

Extension de Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{D518AD32-C710-4616-BA0D-D4B1FA5F82E8}

Extension HighMAT pour l'Assistant Graver un CD de Microsoft Windows XP-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}

Falk Navigator TMC Edition-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40F6B238-8379-4ECD-8F62-811A1C0F2DAC}\SETUP.EXE" -uninst

FileZilla Client 3.0.8.1-->C:\Program Files\FileZilla FTP Client\uninstall.exe

FM-56PCI-HSFi-AB-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F00\HXFSETUP.EXE -U -IVEN_14F1&DEV_2F02&SUBSYS_000B1767

Gadwin PrintScreen-->C:\Program Files\Gadwin Systems\PrintScreen\Uninstall.exe

Gestionnaire Internet-->C:\PROGRA~1\Wanadoo\uninstall.exe

Google Earth-->MsiExec.exe /I{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}

Hauppauge French Help Files and Resources-->C:\PROGRA~1\WinTV\UNHLPfra.EXE C:\PROGRA~1\WinTV\WTV2Kfra.LOG

Hauppauge WinTV Scheduler-->C:\PROGRA~1\WinTV\SCHEDU~1\UniSched.EXE C:\PROGRA~1\WinTV\SCHEDU~1\INSTALL.LOG

Hauppauge WinTV Soft PVR-->C:\PROGRA~1\WinTV\UNSftPVR.EXE C:\PROGRA~1\WinTV\softpvr.LOG

Hauppauge WinTV Source Selector-->C:\PROGRA~1\WinTV\UNtvsel.EXE C:\PROGRA~1\WinTV\WINTVsel.LOG

Hauppauge WinTV2000-->C:\PROGRA~1\WinTV\UNTV32.EXE C:\PROGRA~1\WinTV\WINTV2K.LOG

HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall

ICQ Toolbar-->C:\Program Files\ICQ6Toolbar\ICQUnToolbar.exe

ICQ6-->"C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly

ImTranslator for IE-->C:\PROGRA~1\SMARTL~1\IMTRAN~1\UNWISE.EXE C:\PROGRA~1\SMARTL~1\IMTRAN~1\INSTALL.LOG

IMTranslator-->C:\PROGRA~1\SMARTL~1\IMTrans\UNWISE.EXE C:\PROGRA~1\SMARTL~1\IMTrans\INSTALL.LOG

iWizz-->C:\Program Files\iWizz\uninstall.exe

iWizz-->C:\Program Files\iWizz\uninstall.exe

Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}

JPEGCrops 0.7.1 beta-->"C:\Program Files\JPEGCrops\unins000.exe"

K-Lite Codec Pack 3.9.0 Full-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"

Learn2 Player (Uninstall Only)-->C:\Program Files\Learn2.com\StRunner\stuninst.exe

Lecteur Windows Media 10-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

LedWallpaper 1.7.8-->"C:\Program Files\LED\LedWallpaper\unins000.exe"

Livebox-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC7DDAAE-7F2B-4270-9BFD-5A130B667E9E}\Setup.exe" -l0x40c

Marco Polo Turbo Vocabulary Tutor Français Allemand 3.50 - 20050906-->"C:\Program Files\Marco Polo Turbo Vocabulary Tutor\Français Allemand 3.50 - 20050906\uninstall.exe"

Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{3585ED1C-74C5-43B0-A232-831B96A12A2B}

Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}

Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"

Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft ActiveSync 3.7-->"C:\WINDOWS\ISUN040C.EXE" -f"C:\Program Files\Microsoft ActiveSync\DeIsL1.isu" -c"C:\Program Files\Microsoft ActiveSync\ceuninst.dll"

Microsoft AutoRoute 2005-->MsiExec.exe /I{67E4EE98-59F4-4220-89A6-A20AF5BEC689}

Microsoft Money-->C:\Program Files\Microsoft Money 2005\MNYCoreFiles\Setup\uninst.exe /s:120

Microsoft Office 2000 Premium-->MsiExec.exe /I{0000040C-78E1-11D2-B60F-006097C998E7}

Microsoft Outlook 2002-->MsiExec.exe /I{911A040C-6000-11D3-8CFE-0050048383C9}

Microsoft Photo Premium 10-->"C:\Program Files\Fichiers communs\Microsoft Shared\Picture It!\RmvSuite.exe" ADDREMOVE=1 SKU=PREM

Microsoft Word 2002-->MsiExec.exe /I{911B040C-6000-11D3-8CFE-0050048383C9}

Microsoft Works-->MsiExec.exe /I{A059DE09-1B49-4450-B340-7AE097EC3F04}

Mise à jour de sécurité pour Step by Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"

Module de connectivité AOL-->C:\PROGRA~1\FICHIE~1\AOL\ACS\AcsUninstall.exe /c

MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP

MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

Navigateur Orange-->C:\PROGRA~1\Wanadoo\Shell.exe inst\uninst_FTBrowser.shl

Navigation par onglets (Windows Live Toolbar)-->MsiExec.exe /X{E74559C2-BB47-45AD-83DD-0D66B67E7811}

NeoTrace Express 3.25-->C:\PROGRA~1\NEOTRA~1\UNWISE.EXE C:\PROGRA~1\NEOTRA~1\INSTALL.LOG

Nero Suite-->C:\Program Files\Fichiers communs\Nero\Uninstall\Setupx.exe /uninstall ExtraUninstallID=""

Nokia Connectivity Cable Driver-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{3C1599DA-9ED9-4090-930F-B8BC4D99D6B0}

Nokia PC Suite-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{FBD6A335-7E02-43B0-AF58-1B472F9BD3E1}

OneCare Advisor (Windows Live Toolbar)-->MsiExec.exe /X{F242B06B-517F-4D62-B654-16B11564A912}

Online Manuals for WinTV (French)-->C:\PROGRA~1\WinTV\UNTVmans.exe C:\PROGRA~1\WinTV\WinTVMan.LOG

OpenOffice.org 3.0-->MsiExec.exe /I{6860B340-530D-46B3-91F8-1AE1F70F7C33}

PIF DESIGNER-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B90450DF-E781-46FD-B1F1-0C86DA40E443}\SETUP.EXE" -l0x40c anything

PowerCinema 4.0-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.exe" -uninstall

PrintParade Studio-->C:\PROGRA~1\PRINTP~1\UNWISE.EXE C:\PROGRA~1\PRINTP~1\INSTALL.LOG

Prism Video Converter-->C:\Program Files\NCH Software\Prism\uninst.exe

QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}

RealPlayer Basic-->C:\Program Files\Fichiers communs\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0

Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE

Roxio PhotoSuite 5-->MsiExec.exe /I{607CE53B-0999-4F3B-8FF1-DB1AA47548A8}

S3 S3Display-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Display'

S3 S3Gamma2-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Gamma2'

S3 S3Info2-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Info2'

S3 S3Overlay-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Overlay'

S3 S3TrayPlus-->vtuninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3TrayPlus'

SAGEM Wi-Fi 11g USB adapter (outil)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6266AB37-350F-483C-88D2-C530ACA42645}\setup.exe" -l0x40c

SAGEM Wi-Fi 11g USB adapter (pilote)-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E2AA331E-E10E-438C-B1C0-24B2FFD3D9C4}\setup.exe" -l0x40c

SAMSUNG CDMA Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe

SAMSUNG Mobile Composite Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6\SSBCUninstall.exe

Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe

SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe

SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe

Sélecteur d'installation de Microsoft Works 2005-->C:\Program Files\Microsoft Works Suite 2005\Setup\Launcher.exe /ARP e:\

Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log

Skype 3.6-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}

Switch Sound File Converter-->C:\Program Files\NCH Swift Sound\Switch\uninst.exe

TurboZIP Version 3.00-->"C:\Program Files\TurboZIP3\Setup.Exe" /U

Ulead Photo Express 3.0 SE-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\Uninst.isu" -c"C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\IS32Inst.dll"

UniChrome Pro IGP Display Driver and Utilities-->C:\PROGRA~1\S3Inc\S3\s3setvga.exe -s -fC:\PROGRA~1\S3Inc\S3\S3.uns

Uninstall USB Storage RW 3.00.06.b03-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{30A3EE3C-D860-4A6C-BB6B-E6B92C927703}\setup.exe" -l0x40c UNINST

VIA Gestionnaire de périphériques de plate-forme-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}

VIA Rhine-Family Fast Ethernet Adapter-->Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA

Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Experience Technology\mtsAxInstaller.exe /u

VirtualDubMOD 1.5.10.2 b2540 Fr-->C:\Program Files\VirtualDubMOD\UnInstall_VDMOD.exe

Visionneuse Journal Windows Microsoft-->MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}

VTPlus32 pour WinTV (French)-->C:\PROGRA~1\vtplus\UNVTplus.exe C:\PROGRA~1\vtplus\VTPlus.LOG

Webcamfirst 3.1.8-->"C:\Program Files\Webcamfirst\uninstall.exe"

Windows Live Favorites pour Windows Live Toolbar-->MsiExec.exe /X{DCE65B11-710D-4C54-9DE5-1A6A0BD2186B}

Windows Live Messenger-->MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}

Windows Live Sign-in Assistant-->MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}

Windows Live Toolbar-->"C:\Program Files\Windows Live Toolbar\UnInstall.exe" {05AE605F-3146-46ED-BC52-0A14EBF57962}

Windows Live Toolbar-->MsiExec.exe /X{05AE605F-3146-46ED-BC52-0A14EBF57962}

Windows Media Connect-->msiexec.exe /I {F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B}

Windows Media Connect-->MsiExec.exe /I{F6869CD2-3DB4-476D-A4C7-B3AE7C3ACF7B}

Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

WinPhone-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\WinPhone\Uninst.isu" -c"C:\Program Files\WinPhone\uninst.dll

WinZip 11.1-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}

Yahoo! Install Manager-->C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL

Yahoo! Toolbar avec bloqueur de fenêtres pop-up-->C:\PROGRA~1\Yahoo!\Common\unyt.exe

 

======Security center information======

 

AV: AVG 7.5.552

 

System event log

 

Computer Name: NOM-EE41446DB59

Event Code: 7036

Message: Le service Configuration automatique sans fil est entré dans l'état : arrêté.

 

Record Number: 12533

Source Name: Service Control Manager

Time Written: 20081223071839.000000+060

Event Type: Informations

User:

 

Computer Name: NOM-EE41446DB59

Event Code: 7035

Message: Un contrôle Arrêter a correctement été envoyé au service Configuration automatique sans fil.

 

Record Number: 12532

Source Name: Service Control Manager

Time Written: 20081223071839.000000+060

Event Type: Informations

User: NOM-EE41446DB59\MICHEL

 

Computer Name: NOM-EE41446DB59

Event Code: 7035

Message: Un contrôle Démarrer a correctement été envoyé au service Gestionnaire de connexions d'accès distant.

 

Record Number: 12531

Source Name: Service Control Manager

Time Written: 20081223071839.000000+060

Event Type: Informations

User: NOM-EE41446DB59\MICHEL

 

Computer Name: NOM-EE41446DB59

Event Code: 7036

Message: Le service Téléphonie est entré dans l'état : en cours d'exécution.

 

Record Number: 12530

Source Name: Service Control Manager

Time Written: 20081223071839.000000+060

Event Type: Informations

User:

 

Computer Name: NOM-EE41446DB59

Event Code: 7036

Message: Le service Service de découvertes SSDP est entré dans l'état : en cours d'exécution.

 

Record Number: 12529

Source Name: Service Control Manager

Time Written: 20081223071839.000000+060

Event Type: Informations

User:

 

Application event log

 

Computer Name: NOM-EE41446DB59

Event Code: 102

Message: wuaueng.dll (2836) SUS20ClientDataStore: Le moteur de base de données a démarré une nouvelle instance (0).

 

Record Number: 3692

Source Name: ESENT

Time Written: 20081112075205.000000+060

Event Type: Informations

User:

 

Computer Name: NOM-EE41446DB59

Event Code: 100

Message: wuauclt (2836) Le moteur de base de données 5.01.2600.2180 est démarré.

 

Record Number: 3691

Source Name: ESENT

Time Written: 20081112075205.000000+060

Event Type: Informations

User:

 

Computer Name: NOM-EE41446DB59

Event Code: 101

Message: wuauclt (1092) Le moteur de base de données est arrêté.

 

Record Number: 3690

Source Name: ESENT

Time Written: 20081112072643.000000+060

Event Type: Informations

User:

 

Computer Name: NOM-EE41446DB59

Event Code: 103

Message: wuaueng.dll (1092) SUS20ClientDataStore: Le moteur de base de données a arrêté une instance (0).

 

Record Number: 3689

Source Name: ESENT

Time Written: 20081112072643.000000+060

Event Type: Informations

User:

 

Computer Name: NOM-EE41446DB59

Event Code: 102

Message: MsnMsgr (2204) \\.\C:\Documents and Settings\MICHEL\Local Settings\Application Data\Microsoft\Messenger\nimira44522@hotmail.fr\SharingMetadata\Working\database_52B4_ECE8_FC91_4FA3\dfsr.db: Le moteur de base de données a démarré une nouvelle instance (0).

 

Record Number: 3688

Source Name: ESENT

Time Written: 20081112072313.000000+060

Event Type: Informations

User:

 

======Environment variables======

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;C:\Program Files\Fichiers communs\Roxio Shared\DLLShared;C:\Program Files\Samsung\Samsung PC Studio 3\;C:\Program Files\Fichiers communs\GIS\Tools;C:\Program Files\QuickTime\QTSystem\

"windir"=%SystemRoot%

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=15

"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 28 Stepping 0, AuthenticAMD

"PROCESSOR_REVISION"=1c00

"NUMBER_OF_PROCESSORS"=1

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"PS5ROOT"=C:\Program Files\Roxio\PhotoSuite\

"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip

"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

 

-----------------EOF-----------------

 

Merci pour votre aide.

 

Bonne soirée

pear Devil Member !

pear

Posté(e)
Posté(e)

Bonsoir,

 

aucune trace d'infection.

Ily a , par contre des restes d'anciennes protections:

CA®eTrust Antivirus

Alwil Avast! Antivirus

 

Je n'ai rien pour la première.

 

vous pouvez utiliser cet outil de suppression d'Avast!

Supprimer Avast

  • Tonton a modifié le titre en [Résolu] Analyse PC infecté

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...